<?php require('framework/session.php'); ?>
<?php require('style/layout/header.php'); ?>
<div id="content_wrapper">
<div class="content">
<?php
if(isset($_SESSION['signed_in']) && $_SESSION['signed_in'] == TRUE) {
echo '<p class="false">' . $lang['already_signedin'] . ' - <a href="signout.php" class="false_link">' . $lang['signout'] . '</a></p>';
}else{
include('framework/attempts.php');
if($_SERVER['REQUEST_METHOD'] != 'POST') {
$attempting = "SELECT attempts FROM attempts WHERE ip = '" . $_SERVER['REMOTE_ADDR'] . "'";
$disallow = mysql_query($attempting) OR die(mysql_error());
$check = mysql_fetch_assoc($disallow);
if($check['attempts'] >= 3) {
echo '<p class="false">' . $lang['attempts_false'] . '</p>';
echo '<div class="clear_long"></div>';
echo '<h1 class="p_space">' . $lang['need_support'] . '?</h1>
<p><a href="forgotten.php" title="' . $lang['need_new_password'] . '" class="blue">' . $lang['forgot_password'] . '?</a></p>
<p><a href="resend.php" title="' . $lang['lost_conmail'] . '" class="blue">' . $lang['request_conmail'] . '?</a></p>';
}else{
echo '<p> </p>
<table align="center" width="350" border="0" cellpadding="0" cellspacing="0" summary="' . $lang['signin'] . '">
<tr><td><h1> ' . $lang['signin'] . '</h1></td></tr>
<tr><td><div class="sign_in"><form method="post" id="signin" action="">
<p><input type="text" class="bigfield_user" name="email" placeholder="' . $lang['e_mail_adress'] . '" required size="30"></p>
<p><input type="password" class="bigfield_pass" name="password" placeholder="' . $lang['password'] . '" required size="30"></p>
<p><input type="submit" class="buttons_big" value="' . $lang['signin'] . '" alt="' . $lang['signin'] . '"></p>
</form>
</div></td></tr>
<tr><td><p><a href="forgotten.php" title="' . $lang['need_new_password'] . '" class="blue">' . $lang['forgot_password'] . '?</a></p>
<p><a href="resend.php" title="' . $lang['lost_conmail'] . '" class="blue">' . $lang['request_conmail'] . '?</a></p></td></tr></table>';
}
}else{
confirmIPAddress($value);
$errors = array();
if(!isset($_POST['email'])) {
$errors[] = $lang['email_is_not_valid'];
}
if(!isset($_POST['password'])) {
$errors[] = $lang['pw_is_not_valid'];
}
if(!empty($errors)) {
echo '<p class="false">' . $lang['not_filled_in_all_fields'] . ' - <a href="javascript:history.back();" class="false_link">' . $lang['back'] . '</a></p>';
echo '<ul>';
foreach($errors as $key => $value) {
echo '<li>• ' . $value . '</li>';
}
echo '</ul>';
}else{
$sql = "SELECT
id,
name,
password,
email,
level,
active
FROM
members
WHERE
email = '" . mysql_real_escape_string($_POST['email']) . "'
AND
password = '" . sha1($_POST['password']) . "'
AND
`active` = '1'
LIMIT
1";
$result = mysql_query($sql) OR die(mysql_error());
if(!$result) {
addLoginAttempt($value);
echo sha1($_POST['password']);
echo '<p class="false">' . $lang['email_or_pw_incorrect'] . ' - <a href="signin.php" class="false_link">' . $lang['back'] . '</a></p>';
}else{
if(intval(mysql_num_rows($result)) == 0) {
addLoginAttempt($value);
echo '<p class="false">' . $lang['email_or_pw_incorrect'] . ' - <a href="signin.php" class="false_link">' . $lang['back'] . '</a></p>';
}else{
$_SESSION['signed_in'] = TRUE;
while($row = mysql_fetch_assoc($result)) {
$_SESSION['id'] = (int)$row['id'];
$_SESSION['name'] = htmlentities($row['name'], ENT_QUOTES);
$_SESSION['level'] = (int)$row['level'];
}
$lsi = "UPDATE
members
SET
status = NOW(),
visits = visits + 1
WHERE
id = " . (int)$_SESSION['id'];
$lsiresult = mysql_query($lsi) OR die(mysql_error());
clearLoginAttempts($value);
if(!$lsiresult) {
echo '<p class="false">' . $lang['an_error_occurred'] . ' - <a href="javascript:history.back();" class="false_link">' . $lang['back'] . '</a></p>';
include_once('framework/controller.php');
close_connection();
}else{
$autoforward = 3;
echo '<meta http-equiv="refresh" content="' . $autoforward . '; URL=index.php">';
include_once('framework/functions/welcoming.php');
echo '<p>' . $greeting . ', <u>' . htmlentities($_SESSION['name'], ENT_QUOTES) . '</u></p>';
}
}
}}}}
?>
<?php require('style/layout/footer.php'); ?>